Some ramblings:

Sessions aren't really about authentication, and most of the session modules should work fine. Sessions aren't rocket science. If you're using a database abstraction layer, you may want to choose based on how well the module integrates with that layer.

Linux and solaris and probably other Unix-like systems support PAM for authentication, which integrates with shell logins, ssh, some FTP servers, and more. There's also Authen::Simple::PAM which does mod_perl HTTP (and direct) authentication via PAM.

PAM can get fairly complex, but it's very flexible, not all that hard to understand, and if you really want to integrate a lot of different services it's probably a good bet.